According to 3.10.1 changelog at $URL: Bugs fixed: * WebP loader: fixed an infinite loop when the operation is cancelled. (Jürg Billeter) * Jpeg loader: fixed crash in case of some malformed jpegs. (Joerg Fellmann) * Fixed crash when selecting other images after deleting. (#126) Please bump to 3.10.1.
x86 done
amd64 done all arches done
Please cleanup, thanks!
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dce71c653b6213576fc0ac27963b8d052c8d0d47 commit dce71c653b6213576fc0ac27963b8d052c8d0d47 Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2021-02-28 13:08:12 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2021-02-28 13:08:12 +0000 media-gfx/gthumb: security cleanup Bug: https://bugs.gentoo.org/743865 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Mart Raudsepp <leio@gentoo.org> media-gfx/gthumb/Manifest | 1 - media-gfx/gthumb/gthumb-3.10.0.ebuild | 89 ----------------------------------- 2 files changed, 90 deletions(-)
> * Jpeg loader: fixed crash in case of some malformed jpegs. (Joerg > Fellmann) Requested a CVE for this, seems like the only one that's really security relevant. The others would require the user to do it to themselves.
Package list is empty or all packages have requested keywords.
(In reply to John Helmert III from comment #5) > > * Jpeg loader: fixed crash in case of some malformed jpegs. (Joerg > > Fellmann) > > Requested a CVE for this, seems like the only one that's really security > relevant. The others would require the user to do it to themselves. And since this is so low impact, no GLSA. All done!
